jpp/ansible-roles
1
0
Fork 0
mirror of https://git.lapiole.org/dani/ansible-roles.git synced 2025-07-26 15:55:56 +02:00
Code Issues Packages Projects Releases Wiki Activity

Update to 2021-12-01 19:13

Browse Source
This commit is contained in:
Daniel Berteaud
2021-12-01 19:13:34 +01:00
commit 4c4556c660
2153 changed files with 60999 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
roles/unmaintained/papermerge/tasks/archive_post.yml Normal file
View File

@@ -0,0 +1,8 @@
---
- import_tasks: ../includes/webapps_compress_archive.yml
vars:
- root_dir: "{{ papermerge_root_dir }}"
- version: "{{ papermerge_current_version }}"
tags: ged

45
roles/unmaintained/papermerge/tasks/archive_pre.yml Normal file
View File

@@ -0,0 +1,45 @@
---
- name: Create the archive dir
file: path={{ papermerge_root_dir }}/archives/{{ papermerge_current_version }} state=directory
tags: ged
- name: Install postgresql client
package:
name:
- postgresql14
tags: ged
- name: Stop sevices during upgrade
service: name={{ item }} state=stopped
loop:
- papermerge-web
- papermerge-worker
tags: ged
- name: Archive previous version
synchronize:
src: "{{ papermerge_root_dir }}/{{ item }}"
dest: "{{ papermerge_root_dir }}/archives/{{ papermerge_current_version }}/"
recursive: True
delete: True
loop:
- venv
- app
delegate_to: "{{ inventory_hostname }}"
tags: ged
- name: Dump the database
command: >
/usr/pgsql-14/bin/pg_dump
--clean
--create
--host={{ papermerge_db_server | quote }}
--port={{ papermerge_db_port | quote }}
--username=sqladmin {{ papermerge_db_name | quote }}
--file="{{ papermerge_root_dir }}/archives/{{ papermerge_current_version }}/{{ papermerge_db_name }}.sql"
environment:
- PGPASSWORD: "{{ pg_admin_pass }}"
tags: ged

8
roles/unmaintained/papermerge/tasks/cleanup.yml Normal file
View File

@@ -0,0 +1,8 @@
---
- name: Remove tmp and obsolete files
file: path={{ item }} state=absent
loop:
- "{{ papermerge_root_dir }}/tmp/papermerge-{{ papermerge_version }}"
- "{{ papermerge_root_dir }}/tmp/papermerge-{{ papermerge_version }}.tar.gz"
tags: ged

50
roles/unmaintained/papermerge/tasks/conf.yml Normal file
View File

@@ -0,0 +1,50 @@
---
- name: Deploy configuration
template: src={{ item }}.j2 dest={{ papermerge_root_dir }}/app/{{ item }} group={{ papermerge_user }} mode=640
loop:
- papermerge.conf.py
- gunicorn.conf.py
notify: restart papermerge
tags: ged
- name: Deploy production settings
template:
src: production.py.j2
dest: "{{ papermerge_root_dir }}/app/config/settings/production.py"
group: "{{ papermerge_user }}"
mode: 0640
notify: restart papermerge
tags: ged
- name: Iniialize or update the database
django_manage:
command: migrate
app_path: "{{ papermerge_root_dir }}/app"
virtualenv: "{{ papermerge_root_dir }}/venv"
when: papermerge_install_mode != 'none'
notify: restart papermerge
tags: ged
- name: Collect staic files
django_manage:
command: collectstatic
app_path: "{{ papermerge_root_dir }}/app"
virtualenv: "{{ papermerge_root_dir }}/venv"
when: papermerge_install_mode != 'none'
tags: ged
- name: Create an initial superuser
django_manage:
command: createsuperuser --noinput --username admin --email admin@example.org
app_path: "{{ papermerge_root_dir }}/app"
virtualenv: "{{ papermerge_root_dir }}/venv"
environment:
DJANGO_SUPERUSER_PASSWORD: admin
when: papermerge_install_mode == 'install'
tags: ged
- name: Deploy nginx configuration
template: src=nginx.conf.j2 dest=/etc/nginx/ansible_conf.d/40-papermerge.conf
notify: reload nginx
tags: ged

27
roles/unmaintained/papermerge/tasks/directories.yml Normal file
View File

@@ -0,0 +1,27 @@
---
- name: Create directories
file: path={{ item.dir }} state=directory owner={{ item.owner | default(omit) }} group={{ item.group | default(omit) }} mode={{ item.mode | default(omit) }}
loop:
- dir: "{{ papermerge_root_dir }}"
owner: "{{ papermerge_user }}"
group: nginx
mode: 750
- dir: "{{ papermerge_root_dir }}/app"
owner: "{{ papermerge_user }}"
group: nginx
mode: 750
- dir: "{{ papermerge_root_dir }}/data"
owner: "{{ papermerge_user }}"
mode: 700
- dir: "{{ papermerge_root_dir }}/input"
owner: "{{ papermerge_user }}"
mode: 700
- dir: "{{ papermerge_root_dir }}/tmp"
owner: "{{ papermerge_user }}"
mode: 700
- dir: "{{ papermerge_root_dir }}/meta"
mode: 700
- dir: "{{ papermerge_root_dir }}/archives"
mode: 700
tags: ged

40
roles/unmaintained/papermerge/tasks/facts.yml Normal file
View File

@@ -0,0 +1,40 @@
---
- fail: msg="pg_admin_pass must be set"
when: pg_admin_pass is not defined
tags: ged
- import_tasks: ../includes/webapps_set_install_mode.yml
vars:
- root_dir: "{{ papermerge_root_dir }}"
- version: "{{ papermerge_version }}"
tags: ged
- import_tasks: ../includes/webapps_set_install_mode.yml
vars:
- root_dir: "{{ papermerge_root_dir }}"
- version: "{{ papermerge_version }}"
tags: ged
- block:
- set_fact: papermerge_install_mode={{ (install_mode == 'upgrade' and not papermerge_manage_upgrade) | ternary('none',install_mode) }}
- set_fact: papermerge_current_version={{ current_version | default('') }}
tags: ged
# Create a random pass for the DB if needed
- block:
- import_tasks: ../includes/get_rand_pass.yml
vars:
- pass_file: "{{ papermerge_root_dir }}/meta/ansible_dbpass"
- set_fact: papermerge_db_pass={{ rand_pass }}
when: papermerge_db_pass is not defined
tags: ged
# Create a random secret key
- block:
- import_tasks: ../includes/get_rand_pass.yml
vars:
- pass_file: "{{ papermerge_root_dir }}/meta/ansible_secret_key"
- set_fact: papermerge_secret_key={{ rand_pass }}
when: papermerge_secret_key is not defined
tags: ged

120
roles/unmaintained/papermerge/tasks/install.yml Normal file
View File

@@ -0,0 +1,120 @@
---
- name: Install needed tools
yum:
name:
- rh-python38-python-pip
- rh-python38-python-setuptools
- rh-python38-python-devel
- python-setuptools
- python-psycopg2
- postgresql-devel
- postgresql14
- tesseract
- tesseract-langpack-fra
- tesseract-langpack-deu
- tesseract-langpack-spa
- tesseract-langpack-ita
- pdftk
- glibc.i686 # pdftk from nux-dextop only exists for i686
- libstdc++.i686 # so install a few i686 libs to get it working
- zlib.i686
- poppler-utils
- ImageMagick
- git
- tar
tags: ged
- when: papermerge_install_mode != 'none'
block:
- name: Download papermerge
get_url:
url: "{{ papermerge_archive_url }}"
dest: "{{ papermerge_root_dir }}/tmp/"
checksum: "sha1:{{ papermerge_archive_sha1 }}"
- name: Extract the archive
unarchive: src={{ papermerge_root_dir }}/tmp/papermerge-{{ papermerge_version }}.tar.gz dest={{ papermerge_root_dir }}/tmp remote_src=True
- name: Move papermerge to the correct dir
synchronize:
src: "{{ papermerge_root_dir }}/tmp/papermerge-{{ papermerge_version }}/"
dest: "{{ papermerge_root_dir }}/app/"
recursive: True
delete: True
delegate_to: "{{ inventory_hostname }}"
- name: Fix permissions on the app folder
file: path={{ papermerge_root_dir }}/app/ owner={{ papermerge_user }} group=nginx mode=750
- name: Wipe the venv on upgrades
file: path={{ papermerge_root_dir }}/venv state=absent
- name: Create the venv dir
file: path={{ papermerge_root_dir }}/venv state=directory
- name: Create the venv
pip:
requirements: "{{ papermerge_root_dir }}/app/requirements/base.txt"
virtualenv: "{{ papermerge_root_dir }}/venv"
virtualenv_command: /opt/rh/rh-python38/root/bin/python -m venv
notify: restart papermerge
- name: Install additional python modules
pip:
name:
- psycopg2-binary # building fails here, Python.h not found (??)
- gunicorn
virtualenv: "{{ papermerge_root_dir }}/venv"
virtualenv_command: /opt/rh/rh-python38/root/usr/bin/python -m venv
notify: restart papermerge
tags: ged
- name: Create the PostgreSQL role
postgresql_user:
db: postgres
name: "{{ papermerge_db_user }}"
password: "{{ papermerge_db_pass }}"
login_host: "{{ papermerge_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
tags: ged
- name: Create the PostgreSQL database
postgresql_db:
name: "{{ papermerge_db_name }}"
encoding: UTF-8
template: template0
owner: "{{ papermerge_db_user }}"
login_host: "{{ papermerge_db_server }}"
login_user: sqladmin
login_password: "{{ pg_admin_pass }}"
tags: ged
- name: Create systemd units
template: src={{ item }}.service.j2 dest=/etc/systemd/system/{{ item }}.service
loop:
- papermerge-web
- papermerge-worker
notify: restart papermerge
register: papermerge_units
tags: ged
- name: Reload systemd
systemd: daemon_reload=True
when: papermerge_units.results | selectattr('changed','equalto',True) | list | length > 0
tags: ged
- name: Install a wrapper for manage.py
copy:
content: |
#!/bin/bash
cd {{ papermerge_root_dir }}/app
{{ papermerge_root_dir }}/venv/bin/python ./manage.py $@
dest: /usr/local/bin/papermerge
mode: 755
tags: ged
- name: Set permission on the queue dir
file: path={{ papermerge_root_dir }}/tmp/queue state=directory owner={{ papermerge_user }} group={{ papermerge_user }}
tags: ged

9
roles/unmaintained/papermerge/tasks/iptables.yml Normal file
View File

@@ -0,0 +1,9 @@
---
- name: Handle papermerge port in the firewall
iptables_raw:
name: papermerge_port
state: "{{ (papermerge_src_ip | length > 0) | ternary('present','absent') }}"
rules: "-A INPUT -m state --state NEW -p tcp -m multiport --dports {{ papermerge_port }},{{ papermerge_port | int + 1 }} -s {{ papermerge_src_ip | join(',') }} -j ACCEPT"
tags: firewall,ged

18
roles/unmaintained/papermerge/tasks/main.yml Normal file
View File

@@ -0,0 +1,18 @@
---
- include: user.yml
- include: directories.yml
- include: facts.yml
- include: archive_pre.yml
when: papermerge_install_mode == 'upgrade'
- include: install.yml
- include: selinux.yml
when: ansible_selinux.status == 'enabled'
- include: conf.yml
- include: iptables.yml
when: iptables_manage | default(True)
- include: services.yml
- include: write_version.yml
- include: archive_post.yml
when: papermerge_install_mode == 'upgrade'
- include: cleanup.yml

5
roles/unmaintained/papermerge/tasks/selinux.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- name: Allow nginx to bind on papermerge port
seport: ports={{ papermerge_port }} proto=tcp setype=http_port_t state=present
tags: ged

8
roles/unmaintained/papermerge/tasks/services.yml Normal file
View File

@@ -0,0 +1,8 @@
---
- name: Start and enable services
service: name={{ item }} state=started enabled=True
loop:
- papermerge-web
- papermerge-worker
tags: ged

5
roles/unmaintained/papermerge/tasks/user.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- name: Create user account
user: name={{ papermerge_user }} home={{ papermerge_root_dir }} system=True
tags: ged

5
roles/unmaintained/papermerge/tasks/write_version.yml Normal file
View File

@@ -0,0 +1,5 @@
---
- name: Write installed version
copy: content={{ papermerge_version }} dest={{ papermerge_root_dir }}/meta/ansible_version
tags: ged